Exam Details

  • Exam Code: CEH-001
  • Exam Name: Certified Ethical Hacker (CEH)
  • Certification: GAQM Certifications
  • Vendor: GAQM
  • Total Questions: 878 Q&As
  • Last Updated: May 10, 2025

GAQM GAQM Certifications CEH-001 Questions & Answers

  • Question 401:

    A newly discovered flaw in a software application would be considered which kind of security vulnerability?

    A. Input validation flaw

    B. HTTP header injection vulnerability

    C. 0-day vulnerability

    D. Time-to-check to time-to-use flaw

  • Question 402:

    What are the three types of authentication?

    A. Something you: know, remember, prove

    B. Something you: have, know, are

    C. Something you: show, prove, are

    D. Something you: show, have, prove

  • Question 403:

    The following is a sample of output from a penetration tester's machine targeting a machine with the IP address of 192.168.1.106:

    What is most likely taking place?

    A. Ping sweep of the 192.168.1.106 network

    B. Remote service brute force attempt

    C. Port scan of 192.168.1.106

    D. Denial of service attack on 192.168.1.106

  • Question 404:

    A tester is attempting to capture and analyze the traffic on a given network and realizes that the network has several switches. What could be used to successfully sniff the traffic on this switched network? (Choose three.)

    A. ARP spoofing

    B. MAC duplication

    C. MAC flooding

    D. SYN flood

    E. Reverse smurf attack

    F. ARP broadcasting

  • Question 405:

    A hacker searches in Google for filetype:pcf to find Cisco VPN config files. Those files may contain connectivity passwords that can be decoded with which of the following?

    A. Cupp

    B. Nessus

    C. Cain and Abel

    D. John The Ripper Pro

  • Question 406:

    Which technical characteristic do Ethereal/Wireshark, TCPDump, and Snort have in common?

    A. They are written in Java.

    B. They send alerts to security monitors.

    C. They use the same packet analysis engine.

    D. They use the same packet capture utility.

  • Question 407:

    A pentester gains access to a Windows application server and needs to determine the settings of the built-in Windows firewall. Which command would be used?

    A. Netsh firewall show config

    B. WMIC firewall show config

    C. Net firewall show config

    D. Ipconfig firewall show config

  • Question 408:

    ICMP ping and ping sweeps are used to check for active systems and to check

    A. if ICMP ping traverses a firewall.

    B. the route that the ICMP ping took.

    C. the location of the switchport in relation to the ICMP ping.

    D. the number of hops an ICMP ping takes to reach a destination.

  • Question 409:

    A large company intends to use Blackberry for corporate mobile phones and a security analyst is assigned to evaluate the possible threats. The analyst will use the Blackjacking attack method to demonstrate how an attacker could circumvent perimeter defenses and gain access to the corporate network. What tool should the analyst use to perform a Blackjacking attack?

    A. Paros Proxy

    B. BBProxy

    C. BBCrack

    D. Blooover

  • Question 410:

    An ethical hacker for a large security research firm performs penetration tests, vulnerability tests, and risk assessments. A friend recently started a company and asks the hacker to perform a penetration test and vulnerability assessment of the new company as a favor. What should the hacker's next step be before starting work on this job?

    A. Start by footprinting the network and mapping out a plan of attack.

    B. Ask the employer for authorization to perform the work outside the company.

    C. Begin the reconnaissance phase with passive information gathering and then move into active information gathering.

    D. Use social engineering techniques on the friend's employees to help identify areas that may be susceptible to attack.

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more and more important, and more and more enterprises require them when you apply for a job. But how do you prepare for the exam effectively? How do you prepare in a short time and with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only GAQM exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your CEH-001 exam preparation and GAQM certification application, do not hesitate to visit Vcedump.com to find your solutions.